SURF Code:SURF-2025-0007 Group members’ name: Jiayi Mao, Chi Zhang, Ruoqi Hao, Xinyao Huang
Abstract: This study employs a mixed-methods design to investigate the drivers and manifestations of opportunistic behaviors in information security compliance across China's financial, real estate, and large state-owned enterprise (SOE) sectors. Qualitative data from 40 in-depth interviews with professionals were integrated with quantitative survey data (Finance: n=330; Real Estate: n=225). Thematic analysis revealed that such behaviors are consistently driven by ambiguous policies, intense performance pressure, and a culture that often prioritizes operational efficiency over security. The survey quantitatively validated the prevalence of these behaviors and their drivers across sectors. The study underscores the critical need for industry-contextualized security training, user-centric technological solutions, and a leadership-driven cultural shift to effectively bridge the gap between policy and practice.